API Error Not Propagating

[straubt1]

go-tfe version

github.com/hashicorp/go-tfe v1.101.0

Description

When trying to create a GPG key with an unsupported public key algorithm (ed25519), the API returns a 400 Bad Request error, but the error message from the API is not properly propagated to the user, resulting in a generic error message that does not provide any useful information about the cause of the error.

This could also be occurring in other functions, but providing information on the one I had direct issues with.

Expected Behavior

err to contain the error message returned by the API, which should indicate that the public key algorithm is not supported.

{"errors":["Unsupported GPG Key algorithm. Supported key algorithms are [RSA, DSA]"]}

Actual Behavior

err = "error: 400 Bad Request"

Testing plan

Here is a sample code snippet that demonstrates the issue:

// TFE_TOKEN=<token> TFE_ORGANIZATION=<org> go run .
package main

import (
	"context"
	"fmt"
	"os"

	tfe "github.com/hashicorp/go-tfe"
)

// This is an ed25519 public key, which is currently not supported by the API and should trigger an error.
const hardcodedPublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEaSSIFRYJKwYBBAHaRw8BAQdAH5XOBJpem6rZnyfPcgBgv1HLpVbRZm4cTf/q
CSEPrvu0HFRlc3QgVXNlciA8dGVzdEBleGFtcGxlLmNvbT6IkwQTFgoAOxYhBEjI
vyUw/Snoxjv9pCxSRsVHzt1lBQJpJIgVAhsDBQsJCAcCAiICBhUKCQgLAgQWAgMB
Ah4HAheAAAoJECxSRsVHzt1lJd0A/iot5J+ltRjxWV3X15exo7pFAjmWKP1aIM11
SqDeCi/lAP9O39ycVHTIwMM7fSuDkJb5jwS0zaaGCthZ9+slBa4dB7g4BGkkiBUS
CisGAQQBl1UBBQEBB0BArz4rAN4monRQysvxsbRgsBruTSdrQ7pEQE0xqxDtKwMB
CAeIeAQYFgoAIBYhBEjIvyUw/Snoxjv9pCxSRsVHzt1lBQJpJIgVAhsMAAoJECxS
RsVHzt1l2UkBAL6spbHh35Zq5wG26xqmXxEFBcIDA3ZVMizWg8IYWUnFAQDIBFOn
57ZGoXO026ZENAKz7US50va93xT66xd8Bb98Dw==
=d04w
-----END PGP PUBLIC KEY BLOCK-----`

func main() {
	hostname := "app.terraform.io"
	token := os.Getenv("TFE_TOKEN")
	organization := os.Getenv("TFE_ORGANIZATION")

	if hostname == "" {
		hostname = "app.terraform.io"
	}
	if token == "" {
		fmt.Fprintln(os.Stderr, "error: TFE_TOKEN is required")
		os.Exit(1)
	}
	if organization == "" {
		fmt.Fprintln(os.Stderr, "error: TFE_ORGANIZATION is required")
		os.Exit(1)
	}

	cfg := &tfe.Config{
		Address: fmt.Sprintf("https://%s", hostname),
		Token:   token,
	}

	client, err := tfe.NewClient(cfg)
	if err != nil {
		fmt.Fprintf(os.Stderr, "error creating TFE client: %v\n", err)
		os.Exit(1)
	}

	ctx := context.Background()

	opts := tfe.GPGKeyCreateOptions{
		Namespace:  organization,
		AsciiArmor: hardcodedPublicKey,
	}

	fmt.Printf("Calling GPGKeys.Create() for namespace %q on %s\n", organization, hostname)

	key, err := client.GPGKeys.Create(ctx, tfe.PrivateRegistry, opts)
	if err != nil {
		fmt.Fprintf(os.Stderr, "GPGKeys.Create() error: %v\n", err)
		os.Exit(1)
	}

	fmt.Printf("Success! KeyID: %s\n", key.KeyID)
}

Set ENV vars and run:

export TFE_TOKEN=<token>
export TFE_ORGANIZATION=<org>
go run .

Example output:

Calling GPGKeys.Create() for namespace "terraform-tom" on app.terraform.io
GPGKeys.Create() error: 400 Bad Request
exit status 1